Wireshark-bugs: [Wireshark-bugs] [Bug 8791] New: Improve dissection of GSM SIM payloads in USB C

Date: Wed, 12 Jun 2013 10:38:37 +0000
Bug ID 8791
Summary Improve dissection of GSM SIM payloads in USB CCID packets
Classification Unclassified
Product Wireshark
Version SVN
Hardware All
OS All
Status UNCONFIRMED
Severity Enhancement
Priority Low
Component Dissection engine (libwireshark)
Assignee [email protected]
Reporter [email protected]

Created attachment 10968 [details]
A patch implementing this functionality

Build Information:
Version 1.11.0 (SVN Rev 49899 from /trunk)

Copyright 1998-2013 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GTK+ 2.24.13, with Cairo 1.12.2, with Pango 1.30.1, with
GLib 2.34.1, with libpcap, with libz 1.2.7, without POSIX capabilities, with
libnl 1, without SMI, without c-ares, without ADNS, without Lua, without
Python,
without GnuTLS, with Gcrypt 1.5.0, without Kerberos, without GeoIP, without
PortAudio, without AirPcap.

Running on Linux 3.5.0-28-generic, with locale ja_JP.UTF-8, with libpcap
version
1.5.0-PRE-GIT_2013_04_17, with libz 1.2.7, Gcrypt 1.5.0.

Built using gcc 4.7.2.

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
The attached patch improves handling of GSM SIM payloads in USB CCID packets by
adding support for bi-directional card <-> reader payloads (as opposed to the
current reader -> card-only support), and using the separate
gsm_sim.command/gsm_sim.response dissectors (like the BTSAP dissector), instead
of the "monolithic" one that defaults to OSMoCom SIMTrace mode by default.

This should bring a slight further reduction in malformed packets caused by
attempting to dissect non-existent "status words" in reader -> card APDUs, and
make trying to dissect card -> reader APDUs easier in the future.


You are receiving this mail because:
  • You are watching all bug changes.